Comments (5)
No plans yet but thanks for putting it on my radar.
From my first look at sqlcipher I'm not sure it's a good idea to force this change on users. I would be open to an approach that used build tags to select whether sqlcipher is used. Basically an opt in feature.
If this is something you are interested in spearheading I would be grateful for the contribution.
from sqlite.
I've been searching around and I found bunch of other implementations regarding the stream cipher, and I found this, It's by far simplest and smallest compare to others but I'm a little bit worried about protocol and implementation of that. Most of the case, people should not write their own crypto package.
I'd would love to help to push this forward but I need some guidance, maybe some documentation on how to integrate cipher into sql and let user decide what they want to use.
from sqlite.
Hello @AdamSLevy,
During pass 2 days I was trying to port sqleet back to this and the result is here:
https://github.com/alinz/sqlite/tree/encryption
There are couple of issues:
1: new version of Sqlite3 has some api changes which requires deeper touch on c files and go files, that's why I had to go back to 3.31.1 version, which is fine for now.
2: I got the some part of the code working, I can encrypt the file, but upon opening it, sqlite driver error out:
sqlite.Conn.Prepare: SQLITE_NOTADB: file is not a database (PRAGMA journal_mode=wal;)
This is as far as I can go since I don't have a deep knowledge of this library and I was hoping you can guide me through this.
from sqlite.
Awesome work. Thank you. I took a closer look at both projects. I personally prefer sqlcipher as it seems like a more mature project. That being said, the techniques required to support either are going to be very similar, and they even use the exact same C API, which allows for the Go code to not change no matter which extension is selected.
Are you familiar with Go build tags? This is the technique I would like to use to allow for conditional compilation of these features. For example if a user wanted to use SQLeet, they'd use a tag in their build like so:
go build -tags sqleet
If you're not familiar these articles are good,
https://www.digitalocean.com/community/tutorials/customizing-go-binaries-with-build-tags
https://dave.cheney.net/2013/10/12/how-to-use-conditional-compilation-with-the-go-build-tool
I took a close look at your branch. Will you please open a PR so we can more easily comment on and discuss code changes? There were a number of issues with the example code, and with how you were setting the key, but ultimately I got it working. If you open a PR, then I can push my changes and I will review your code with comments explaining some things I'd like to see in more detail.
2: I got the some part of the code working, I can encrypt the file, but upon opening it, sqlite driver error out:
sqlite.Conn.Prepare: SQLITE_NOTADB: file is not a database (PRAGMA journal_mode=wal;)
This is because by default this package creates databases in WAL mode which is a setting that must be read from the database header when opening an existing file. However the header is encrypted and so reading fails because the WAL mode option has not been read. This can be dealt with by using a URI that sets the key and the journal mode like this: file:./database.db?key=swordfish&journal_mode=wal
.
See the section right above this linked section in the README: https://github.com/resilar/sqleet#uri-configuration-interface
Great work. This is looking really do-able and will be a great added feature.
from sqlite.
@AdamSLevy Thank you for your support,
I have familiar with build tags and I like the idea of using it. I have made a PR so we can start the conversation there. The PR is far from ready for merge but with your help I can make it there.
Thanks
from sqlite.
Related Issues (20)
- Further simplification of sqlitex.Pool.Get is not correct HOT 4
- Code generation? HOT 1
- doubled quoted key names as argument to json_object cause Prepare to fail HOT 1
- Multiple sqlitex.Pools giving off by 1 values HOT 2
- sqlitex.ExecScript fails to run scripts that include statements that cannot be executed within a transaction HOT 2
- API to retrieve column blob into slice of arbitrary length HOT 2
- BindBytes stores empty blobs as NULL HOT 2
- Pool.Close leaves behind WAL files HOT 8
- The state of the project. HOT 8
- No way to write blob in custom function
- Compile Time error HOT 5
- Compilation warning about memcpy with gcc 11.2.0 HOT 8
- sqlite.Stmt.Finalize should panic if called on a Stmt returned from Conn.Prepare HOT 5
- Running PRAGMA statments in sqlitex.OpenInit script
- sqlite3 math extension HOT 4
- Unable to build on Windows
- Build failure when using gcc 12. HOT 1
- ExecScript and Save panic on corrupt database
- sqlitex.ExecTransient and sqlitex.Exec not executing statements
- Support sqlite3_db_cacheflush HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sqlite.